Vulnerability Search Top
Show Search Menu
Vendor Name
プロダクト・サービス名
Title
Urgent
Important
Warning
Warning
CVE
CWE
公開-検索開始年
公開-検索開始月
公開-検索開始日
公開-検索終了年
公開-検索終了月
公開-検索終了日
脅威度ソート
In descending order of publication date
In descending order of update date
Number of items displayed

You can search for vulnerabilities managed by JVN (Japan Vulnerability Note) and NVD (National Vulnerability Database).
Search keywords must be entered in English otherwise will not be searched in both JVN and NVD.

To search by CWE, please refer to the CWE Overview and check the CWE number.

  • Urgent
  • Important
  • Warning
  • Low
JVN Vulnerability Information

Update Date":Jan. 8, 2025, 12:02 p.m.

No CVSS Level
Attach Vector		 Vendor Name Project Name Title CWE CVE Update Date Publication Date Impact
Show		 Exploit
PoC
Search
189221 4.3 警告 ヒューレット・パッカード - Linux および Windows の HP-UX および SMH におけるクロスサイトスクリプティングの脆弱性 CWE-79
クロスサイト・スクリプティング(XSS) 		CVE-2007-5302 2012-09-25 16:59 2007-10-3 Show GitHub Exploit DB Packet Storm
189222 4.3 警告 minki - Minki の index.php におけるクロスサイトスクリプティングの脆弱性 CWE-79
クロスサイト・スクリプティング(XSS) 		CVE-2007-5297 2012-09-25 16:59 2007-10-9 Show GitHub Exploit DB Packet Storm
189223 4.3 警告 livio siri - dbList の dblisttest.asp におけるクロスサイトスクリプティングの脆弱性 CWE-79
クロスサイト・スクリプティング(XSS) 		CVE-2007-5296 2012-09-25 16:59 2007-10-9 Show GitHub Exploit DB Packet Storm
189224 6.8 警告 idmos - IDMOS の core/aural.php における PHP リモートファイルインクルージョンの脆弱性 CWE-94
コード・インジェクション 		CVE-2007-5294 2012-09-25 16:59 2007-10-9 Show GitHub Exploit DB Packet Storm
189225 2.6 注意 idmos - IDMOS におけるクロスサイトスクリプティングの脆弱性 CWE-79
クロスサイト・スクリプティング(XSS) 		CVE-2007-5293 2012-09-25 16:59 2007-10-9 Show GitHub Exploit DB Packet Storm
189226 4.3 警告 マイクロソフト - Microsoft Internet Explorer 6 における DNS リバインド攻撃を実行される脆弱性 CWE-DesignError
CVE-2007-5277 2012-09-25 16:59 2007-10-8 Show GitHub Exploit DB Packet Storm
189227 4.3 警告 Opera Software ASA - Opera における DNS リバインディング攻撃を実行される脆弱性 CWE-DesignError
CVE-2007-5276 2012-09-25 16:59 2007-10-8 Show GitHub Exploit DB Packet Storm
189228 6.4 警告 iScripts - MultiCart における SQL インジェクションの脆弱性 CWE-89
SQLインジェクション 		CVE-2007-5261 2012-09-25 16:59 2007-10-6 Show GitHub Exploit DB Packet Storm
189229 4.3 警告 SysAid Technologies Ltd. - Ilient SysAid におけるクロスサイトリクエストフォージェリの脆弱性 CWE-352
同一生成元ポリシー違反 		CVE-2007-5259 2012-09-25 16:59 2007-10-6 Show GitHub Exploit DB Packet Storm
189230 7.5 危険 mcdu - FSD におけるスタックベースのバッファオーバーフローの脆弱性 CWE-119
バッファエラー 		CVE-2007-5256 2012-09-25 16:59 2007-10-6 Show GitHub Exploit DB Packet Storm
NVD Vulnerability Information

Update Date:Jan. 8, 2025, 4:08 a.m.

No CVSS Level
Attach Vector		 Vendor Name Project Name Title CWE CVE Update Date Publication Date Show Affected Exploit
PoC
Search
241 6.1 MEDIUM
Network 		- - The WooCommerce Digital Content Delivery (incl. DRM) – FlickRocket plugin for WordPress is vulnerable to Reflected Cross-Site Scripting via the 'start_date’ and 'end_date' parameters in all versions … New CWE-79
Cross-site Scripting 		CVE-2024-12438 2025-01-7 15:15 2025-01-7 Show GitHub Exploit DB Packet Storm
242 6.1 MEDIUM
Network 		- - The Binary MLM Woocommerce plugin for WordPress is vulnerable to Reflected Cross-Site Scripting via the 'page’ parameter in all versions up to, and including, 2.0 due to insufficient input sanitizati… New CWE-79
Cross-site Scripting 		CVE-2024-12384 2025-01-7 15:15 2025-01-7 Show GitHub Exploit DB Packet Storm
243 6.1 MEDIUM
Network 		- - The Binary MLM Woocommerce plugin for WordPress is vulnerable to Cross-Site Request Forgery in all versions up to, and including, 2.0. This is due to missing or incorrect nonce validation on the 'bmw… New CWE-352
 Origin Validation Error 		CVE-2024-12383 2025-01-7 15:15 2025-01-7 Show GitHub Exploit DB Packet Storm
244 6.1 MEDIUM
Network 		- - The SmartEmailing.cz plugin for WordPress is vulnerable to Reflected Cross-Site Scripting via the 'se-lists-updated' parameter in all versions up to, and including, 2.2.0 due to insufficient input sa… New CWE-79
Cross-site Scripting 		CVE-2024-12261 2025-01-7 15:15 2025-01-7 Show GitHub Exploit DB Packet Storm
245 6.4 MEDIUM
Network 		- - The Meteor Slides plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the 'slide_url_value' parameter in all versions up to, and including, 1.5.7 due to insufficient input sanitizat… New CWE-79
Cross-site Scripting 		CVE-2024-12073 2025-01-7 15:15 2025-01-7 Show GitHub Exploit DB Packet Storm
246 6.4 MEDIUM
Network 		- - The Geo Content plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the plugin's 'geotargetlygeocontent' shortcode in all versions up to, and including, 6.0 due to insufficient inpu… New CWE-79
Cross-site Scripting 		CVE-2024-11887 2025-01-7 15:15 2025-01-7 Show GitHub Exploit DB Packet Storm
247 6.4 MEDIUM
Network 		- - The SweepWidget Contests, Giveaways, Photo Contests, Competitions plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the plugin's 'sweepwidget' shortcode in all versions up to, and… New CWE-79
Cross-site Scripting 		CVE-2024-11756 2025-01-7 15:15 2025-01-7 Show GitHub Exploit DB Packet Storm
248 6.4 MEDIUM
Network 		- - The App Embed plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the plugin's 'appizy' shortcode in all versions up to, and including, 2.3.2 due to insufficient input sanitization … New CWE-79
Cross-site Scripting 		CVE-2024-11749 2025-01-7 15:15 2025-01-7 Show GitHub Exploit DB Packet Storm
249 - - - The Tabs Shortcode WordPress plugin through 2.0.2 does not validate and escape some of its shortcode attributes before outputting them back in a page/post where the shortcode is embed, which could al… New - CVE-2024-11606 2025-01-7 15:15 2025-01-7 Show GitHub Exploit DB Packet Storm
250 6.1 MEDIUM
Network 		- - The Store credit / Gift cards for woocommerce plugin for WordPress is vulnerable to Reflected Cross-Site Scripting via the 'coupon', 'start_date', and 'end_date' parameters in all versions up to, and… New CWE-79
Cross-site Scripting 		CVE-2024-11369 2025-01-7 15:15 2025-01-7 Show GitHub Exploit DB Packet Storm